On 2013/02/06 13:55, Gregor Best wrote: > On Wed, Feb 06, 2013 at 09:41:09AM -0300, Gleydson Soares wrote: > > Your diff is broken. > > Please. regen against current. > > [...] > > My apologies. A regenerated patch is attached. > > -- > Gregor Best
> diff -ur wpa_supplicant.old/Makefile wpa_supplicant/Makefile > --- wpa_supplicant.old/Makefile Wed Feb 6 13:53:25 2013 > +++ wpa_supplicant/Makefile Wed Feb 6 13:50:08 2013 > @@ -3,7 +3,7 @@ > COMMENT= IEEE 802.1X supplicant > > DISTNAME= wpa_supplicant-2.0 > -REVISION= 1 > +REVISION= 2 > CATEGORIES= security net > > HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ > diff -ur wpa_supplicant.old/files/config wpa_supplicant/files/config > --- wpa_supplicant.old/files/config Wed Feb 6 13:53:34 2013 > +++ wpa_supplicant/files/config Wed Feb 6 13:50:27 2013 > @@ -10,6 +10,7 @@ > CONFIG_DRIVER_OPENBSD=y > CONFIG_IEEE8021X_EAPOL=y > CONFIG_PEERKEY=y > +CONFIG_PKCS12=y > > CONFIG_EAP_MD5=y > CONFIG_EAP_MSCHAPV2=y I've merged this with mine which adds an rc script and README. Also removed my patch to wpa_priv, it looks like driver_common should probably be added to OBJS_d instead, however when using privsep code (on my wired interface, I don't have wpa-enterprise setup yet) I'm not seeing it transmit anything, so I would be interested to know if privsep is working for people using wpa_supplicant 2.0 on other OS (do other OS even use privsep mode?). Index: Makefile =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/Makefile,v retrieving revision 1.9 diff -u -p -r1.9 Makefile --- Makefile 4 Feb 2013 10:04:44 -0000 1.9 +++ Makefile 6 Feb 2013 15:43:51 -0000 @@ -3,7 +3,7 @@ COMMENT= IEEE 802.1X supplicant DISTNAME= wpa_supplicant-2.0 -REVISION= 1 +REVISION= 2 CATEGORIES= security net HOMEPAGE= http://hostap.epitest.fi/wpa_supplicant/ Index: files/config =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/files/config,v retrieving revision 1.2 diff -u -p -r1.2 config --- files/config 28 Jan 2013 11:03:16 -0000 1.2 +++ files/config 6 Feb 2013 15:43:51 -0000 @@ -10,6 +10,7 @@ CONFIG_DRIVER_WIRED=y CONFIG_DRIVER_OPENBSD=y CONFIG_IEEE8021X_EAPOL=y CONFIG_PEERKEY=y +CONFIG_PKCS12=y CONFIG_EAP_MD5=y CONFIG_EAP_MSCHAPV2=y @@ -31,6 +32,5 @@ CONFIG_EAP_SIM=y CONFIG_PCSC=y CONFIG_SMARTCARD=y -# privilege separation, see README. -# WIP: not yet tested. +# privilege separation, see README. not working yet. # CONFIG_PRIVSEP=y Index: patches/patch-wpa_supplicant_wpa_priv_c =================================================================== RCS file: patches/patch-wpa_supplicant_wpa_priv_c diff -N patches/patch-wpa_supplicant_wpa_priv_c --- patches/patch-wpa_supplicant_wpa_priv_c 28 Jan 2013 11:03:16 -0000 1.1 +++ /dev/null 1 Jan 1970 00:00:00 -0000 @@ -1,34 +0,0 @@ -$OpenBSD: patch-wpa_supplicant_wpa_priv_c,v 1.1 2013/01/28 11:03:16 sthen Exp $ ---- wpa_supplicant/wpa_priv.c.orig Sat Jan 26 10:49:28 2013 -+++ wpa_supplicant/wpa_priv.c Sat Jan 26 10:50:56 2013 -@@ -92,6 +92,7 @@ static void wpa_priv_cmd_unregister(struct wpa_priv_in - } - - -+#if 0 - static void wpa_priv_cmd_scan(struct wpa_priv_interface *iface, - char *buf, size_t len) - { -@@ -170,6 +171,7 @@ static void wpa_priv_cmd_get_scan_results(struct wpa_p - sendto(iface->fd, "", 0, 0, (struct sockaddr *) from, - sizeof(*from)); - } -+#endif - - - static void wpa_priv_cmd_associate(struct wpa_priv_interface *iface, -@@ -487,12 +489,14 @@ static void wpa_priv_receive(int sock, void *eloop_ctx - case PRIVSEP_CMD_UNREGISTER: - wpa_priv_cmd_unregister(iface, &from); - break; -+#if 0 - case PRIVSEP_CMD_SCAN: - wpa_priv_cmd_scan(iface, cmd_buf, cmd_len); - break; - case PRIVSEP_CMD_GET_SCAN_RESULTS: - wpa_priv_cmd_get_scan_results(iface, &from); - break; -+#endif - case PRIVSEP_CMD_ASSOCIATE: - wpa_priv_cmd_associate(iface, cmd_buf, cmd_len); - break; Index: pkg/PLIST =================================================================== RCS file: /cvs/ports/security/wpa_supplicant/pkg/PLIST,v retrieving revision 1.3 diff -u -p -r1.3 PLIST --- pkg/PLIST 28 Jan 2013 11:03:16 -0000 1.3 +++ pkg/PLIST 6 Feb 2013 15:43:51 -0000 @@ -1,16 +1,18 @@ @comment $OpenBSD: PLIST,v 1.3 2013/01/28 11:03:16 sthen Exp $ -@comment @man man/man8/wpa_priv.8 @comment @bin sbin/wpa_priv @man man/man5/wpa_supplicant.conf.5 @man man/man8/wpa_background.8 @man man/man8/wpa_cli.8 @comment @man man/man8/wpa_gui.8 @man man/man8/wpa_passphrase.8 +@comment @man man/man8/wpa_priv.8 @man man/man8/wpa_supplicant.8 @bin sbin/wpa_cli @bin sbin/wpa_passphrase @bin sbin/wpa_supplicant +share/doc/pkg-readmes/${FULLPKGNAME} share/examples/wpa_supplicant/ share/examples/wpa_supplicant/wpa_supplicant.conf @sample ${SYSCONFDIR}/wpa_supplicant.conf share/examples/wpa_supplicant/wpa_supplicant.conf.dist +@rcscript ${RCDIR}/wpa_supplicant Index: pkg/README =================================================================== RCS file: pkg/README diff -N pkg/README --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/README 6 Feb 2013 15:43:51 -0000 @@ -0,0 +1,35 @@ +$OpenBSD: README.template,v 1.4 2011/06/02 13:44:40 ajacoutot Exp $ + ++----------------------------------------------------------------------- +| Running ${FULLPKGNAME} on OpenBSD ++----------------------------------------------------------------------- + +Configuring wireless interfaces +=============================== +Configure your interface in the normal way using ifconfig(8) commands +or via /etc/hostname.<iface>. You must explicitly set 802.1x mode; it is +also recommended that the BSSID is configured explicitly, e.g.: + +# ifconfig rsu0 nwid humppa bssid 11:22:33:44:55:66 wpa wpaakms 802.1x up + +Access-point scanning is not currently supported by the OpenBSD code in +wpa_supplicant, so ap_scan=0 should be set in ${SYSCONFDIR}/wpa_supplicant.conf. + +Starting wpa_supplicant at boot time +==================================== +An rc.d(8) script is provided to start wpa_supplicant, so you can add the +usual line to /etc/rc.conf.local: + +pkg_scripts="${pkg_scripts} wpa_supplicant" + +The interface name must be given on the command line - this is preset to +"athn0" in the rc.d script. To use an alternative interface, do _not_ +modify the /etc/rc.d/wpa_supplicant script, but instead change this in +/etc/rc.conf.local by adding a line using the format of one of the +following examples: + +# 802.11 wireless +wpa_supplicant_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D openbsd -i ral0" + +# wired +wpa_supplicant_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D wired -i em0" Index: pkg/wpa_supplicant.rc =================================================================== RCS file: pkg/wpa_supplicant.rc diff -N pkg/wpa_supplicant.rc --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ pkg/wpa_supplicant.rc 6 Feb 2013 15:43:51 -0000 @@ -0,0 +1,10 @@ +#!/bin/sh +# +# $OpenBSD$ + +daemon="${TRUEPREFIX}/sbin/wpa_supplicant -B" +daemon_flags="-c ${SYSCONFDIR}/wpa_supplicant.conf -D openbsd -i athn0" + +. /etc/rc.d/rc.subr + +rc_cmd $1
